LinuxQuestions.org


popi 06-28-2011 04:32 AM

Problem Ipsec - racoon roadwarrior client - main mode - hybrid_rsa authentication
 
My client is on Ubuntu Lucid 10.04, I installed ipsec-tools and racoon from the repositories. The gateway is installed on a CentOS machine.

I've configured everything to get a working roadwarrior configuration with authentication_method hybrid_rsa client and server. It's working in aggressive mode, but in main mode I can't get it working. I delivered new CA and certificates several times but I'm still stuck.

It seems that it comes from my client not supporting the certificate sent by the server.
The client contains a copy of the CA, whereas the server has a private key and a certificate signed by the CA.


On the client I get the following odd message during connection (both in aggressive and main mode):
2011-06-28 09:30:15: DEBUG: peer transmitted CR: X.509 Certificate Signature
2011-06-28 09:30:15: ERROR: such a cert type isn't supported: 4

On the server I have the following :
2011-06-28 11:04:38: INFO: received Vendor ID: DPD
2011-06-28 11:04:38: INFO: Selected NAT-T version: RFC 3947
2011-06-28 11:04:38: DEBUG: total SA len=52
2011-06-28 11:04:38: DEBUG:
00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c7080
80010007 800e0080 8003fadd 80020001 80040002
2011-06-28 11:04:38: DEBUG: begin.
2011-06-28 11:04:38: DEBUG: seen nptype=2(prop)
2011-06-28 11:04:38: DEBUG: succeed.
2011-06-28 11:04:38: DEBUG: proposal #1 len=44
2011-06-28 11:04:38: DEBUG: begin.
2011-06-28 11:04:38: DEBUG: seen nptype=3(trns)
2011-06-28 11:04:38: DEBUG: succeed.
2011-06-28 11:04:38: DEBUG: transform #1 len=36
2011-06-28 11:04:38: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
2011-06-28 11:04:38: DEBUG: type=Life Duration, flag=0x8000, lorv=28800
2011-06-28 11:04:38: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=7
2011-06-28 11:04:38: DEBUG: encryption(aes)
2011-06-28 11:04:38: DEBUG: type=Key Length, flag=0x8000, lorv=128
2011-06-28 11:04:38: DEBUG: type=Authentication Method, flag=0x8000, lorv=Hybrid RSA server
2011-06-28 11:04:38: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2011-06-28 11:04:38: DEBUG: hmac(modp1024)
2011-06-28 11:04:38: DEBUG: pair 1:
2011-06-28 11:04:38: DEBUG: 0x2b69133f5380: next=(nil) tnext=(nil)
2011-06-28 11:04:38: DEBUG: proposal #1: 1 transform
2011-06-28 11:04:38: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1
2011-06-28 11:04:38: DEBUG: trns#=1, trns-id=IKE
2011-06-28 11:04:38: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
2011-06-28 11:04:38: DEBUG: type=Life Duration, flag=0x8000, lorv=28800
2011-06-28 11:04:38: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=7
2011-06-28 11:04:38: DEBUG: type=Key Length, flag=0x8000, lorv=128
2011-06-28 11:04:38: DEBUG: type=Authentication Method, flag=0x8000, lorv=Hybrid RSA server
2011-06-28 11:04:38: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
2011-06-28 11:04:38: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2011-06-28 11:04:38: DEBUG: Compared: DB:Peer
2011-06-28 11:04:38: DEBUG: (lifetime = 28800:28800)
2011-06-28 11:04:38: DEBUG: (lifebyte = 0:0)
2011-06-28 11:04:38: DEBUG: enctype = 7:7
2011-06-28 11:04:38: DEBUG: (encklen = 128:128)
2011-06-28 11:04:38: DEBUG: hashtype = MD5:MD5
2011-06-28 11:04:38: DEBUG: authmethod = Hybrid RSA server:Hybrid RSA server
2011-06-28 11:04:38: DEBUG: dh_group = 1024-bit MODP group:1024-bit MODP group
2011-06-28 11:04:38: DEBUG: an acceptable proposal found.
2011-06-28 11:04:38: DEBUG: hmac(modp1024)
2011-06-28 11:04:38: DEBUG: new cookie:
cf694b856ad13bd9
2011-06-28 11:04:38: DEBUG: add payload of len 52, next type 13
2011-06-28 11:04:38: DEBUG: add payload of len 16, next type 13
2011-06-28 11:04:38: DEBUG: add payload of len 16, next type 0
2011-06-28 11:04:38: DEBUG: 124 bytes from x.x.x.15[500] to x.x.x.200[500]
2011-06-28 11:04:38: DEBUG: sockname x.x.x.15[500]
2011-06-28 11:04:38: DEBUG: send packet from x.x.x.15[500]
2011-06-28 11:04:38: DEBUG: send packet to x.x.x.200[500]
2011-06-28 11:04:38: DEBUG: src4 x.x.x.15[500]
2011-06-28 11:04:38: DEBUG: dst4 x.x.x.200[500]
2011-06-28 11:04:38: DEBUG: 1 times of 124 bytes message will be sent to x.x.x.200[500]
2011-06-28 11:04:38: DEBUG:
a8629059 64cca031 cf694b85 6ad13bd9 01100200 00000000 0000007c 0d000038
00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c7080
80010007 800e0080 8003fadd 80020001 80040002 0d000014 4a131c81 07035845
5c5728f2 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
2011-06-28 11:04:38: DEBUG: resend phase1 packet a862905964cca031:cf694b856ad13bd9
2011-06-28 11:04:38: DEBUG: ===
2011-06-28 11:04:38: DEBUG: 220 bytes message received from x.x.x.200[500] to x.x.x.15[500]
2011-06-28 11:04:38: DEBUG:
a8629059 64cca031 cf694b85 6ad13bd9 04100200 00000000 000000dc 0a000084
03bc0534 ca269bcc 5c705fa5 a1960378 6f3d3987 3693a723 946dfcb4 afa3838e
bb42e8a4 01f11ac5 b82b308e 0df8f750 379ba57e 4bdbceff 6ce2e91e 05f0b738
73f1bde0 65475e79 0dc58006 779caa03 baf884a1 4a65f927 e17378c4 06a96a2f
a56a2d0e 3f074998 909411db 140306a5 b99da0f4 94810f44 88f3f597 023ee8d5
14000014 ba91d639 0c765786 6c757740 d4224814 14000014 cf36b772 c87dee08
d6f5744a 08d98747 00000014 d8974740 3476fce1 906a917a e15ed864
2011-06-28 11:04:38: DEBUG: begin.
2011-06-28 11:04:38: DEBUG: seen nptype=4(ke)
2011-06-28 11:04:38: DEBUG: seen nptype=10(nonce)
2011-06-28 11:04:38: DEBUG: seen nptype=20(nat-d)
2011-06-28 11:04:38: DEBUG: seen nptype=20(nat-d)
2011-06-28 11:04:38: DEBUG: succeed.
2011-06-28 11:04:38: INFO: Hashing x.x.x.15[500] with algo #1
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: INFO: NAT-D payload #0 verified
2011-06-28 11:04:38: INFO: Hashing x.x.x.200[500] with algo #1
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: INFO: NAT-D payload #1 verified
2011-06-28 11:04:38: INFO: NAT not detected
2011-06-28 11:04:38: DEBUG: ===
2011-06-28 11:04:38: DEBUG: compute DH's private.
2011-06-28 11:04:38: DEBUG:
69aa17df 9300eac9 2f154ca3 45e3bdd3 2a9509eb fd6c736e c7ff7fe6 9f5a6cb3
c91d4fca cd9666c2 f9da668b ef1b0c75 9686c4e3 e6d61656 b48c4610 2626dfd1
70fec872 ba72732e 5cf65298 b9c73b5b 7cb8885d 0f9a89f0 e137c090 1f6f80e4
c3bce65a 1304b7c3 8c7ae9e9 89f9b3ba 60041e48 9f24392f 7d0f4f67 2cd448ae
2011-06-28 11:04:38: DEBUG: compute DH's public.
2011-06-28 11:04:38: DEBUG:
49b04ee3 d65c6ef6 efb61865 31266abb 1a54d32a c5412235 c9a39154 b39aea4c
7188dd81 e3a83942 e9cbb4a6 37fe4da8 a3d105b8 22aef120 2eda1344 c6fc9594
ba9ba0b0 0ada7f1b 0ca0cbd3 ecbb3b85 688beb2c fcedf2eb 5f9b0e61 501b9ed4
c91ffd4d 982d3d4d 530051ff 1f1dd2e8 33d01bc4 5138adcf 1bf8e64f 26ae8139
2011-06-28 11:04:38: DEBUG: create my CR: X.509 Certificate Signature
2011-06-28 11:04:38: INFO: Hashing x.x.x.200[500] with algo #1
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: INFO: Hashing x.x.x.15[500] with algo #1
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: INFO: Adding remote and local NAT-D payloads.
2011-06-28 11:04:38: DEBUG: add payload of len 128, next type 10
2011-06-28 11:04:38: DEBUG: add payload of len 16, next type 7
2011-06-28 11:04:38: DEBUG: add payload of len 1, next type 20
2011-06-28 11:04:38: DEBUG: add payload of len 16, next type 20
2011-06-28 11:04:38: DEBUG: add payload of len 16, next type 0
2011-06-28 11:04:38: DEBUG: 225 bytes from x.x.x.15[500] to x.x.x.200[500]
2011-06-28 11:04:38: DEBUG: sockname x.x.x.15[500]
2011-06-28 11:04:38: DEBUG: send packet from x.x.x.15[500]
2011-06-28 11:04:38: DEBUG: send packet to x.x.x.200[500]
2011-06-28 11:04:38: DEBUG: src4 x.x.x.15[500]
2011-06-28 11:04:38: DEBUG: dst4 x.x.x.200[500]
2011-06-28 11:04:38: DEBUG: 1 times of 225 bytes message will be sent to x.x.x.200[500]
2011-06-28 11:04:38: DEBUG:
a8629059 64cca031 cf694b85 6ad13bd9 04100200 00000000 000000e1 0a000084
49b04ee3 d65c6ef6 efb61865 31266abb 1a54d32a c5412235 c9a39154 b39aea4c
7188dd81 e3a83942 e9cbb4a6 37fe4da8 a3d105b8 22aef120 2eda1344 c6fc9594
ba9ba0b0 0ada7f1b 0ca0cbd3 ecbb3b85 688beb2c fcedf2eb 5f9b0e61 501b9ed4
c91ffd4d 982d3d4d 530051ff 1f1dd2e8 33d01bc4 5138adcf 1bf8e64f 26ae8139
07000014 9d8aa197 defc4e54 c595bb3c b3927a3a 14000005 04140000 14d89747
403476fc e1906a91 7ae15ed8 64000000 14cf36b7 72c87dee 08d6f574 4a08d987
47
2011-06-28 11:04:38: DEBUG: resend phase1 packet a862905964cca031:cf694b856ad13bd9
2011-06-28 11:04:38: DEBUG: compute DH's shared.
2011-06-28 11:04:38: DEBUG:
f5c43acb 0ef7737d 930315c3 0a532149 21bad054 d9c44746 9ce99c32 42d03efb
4d907cfa 4ca21325 14637328 b947815b 46c70cce bb0f471c 027fc9d1 1e895c7b
5242871a 6395912d ebbe6058 2d260cd0 02974f3a e36cb574 0ce51266 99d3ff85
87a8e006 b9022888 87862004 ffc1e548 994d2183 85024f33 a3c79637 7aed8aaf
2011-06-28 11:04:38: DEBUG: nonce1: 2011-06-28 11:04:38: DEBUG:
ba91d639 0c765786 6c757740 d4224814
2011-06-28 11:04:38: DEBUG: nonce2: 2011-06-28 11:04:38: DEBUG:
9d8aa197 defc4e54 c595bb3c b3927a3a
2011-06-28 11:04:38: DEBUG: hmac(hmac_md5)
2011-06-28 11:04:38: DEBUG: SKEYID computed:
2011-06-28 11:04:38: DEBUG:
f7b4e6be 7fa25878 e3e7bb33 53d166f4
2011-06-28 11:04:38: DEBUG: hmac(hmac_md5)
2011-06-28 11:04:38: DEBUG: SKEYID_d computed:
2011-06-28 11:04:38: DEBUG:
d84dbd06 1919a96f 14803a24 92f2f9a2
2011-06-28 11:04:38: DEBUG: hmac(hmac_md5)
2011-06-28 11:04:38: DEBUG: SKEYID_a computed:
2011-06-28 11:04:38: DEBUG:
f3f5bc97 eb67dad1 8d3a8cba bed39b6b
2011-06-28 11:04:38: DEBUG: hmac(hmac_md5)
2011-06-28 11:04:38: DEBUG: SKEYID_e computed:
2011-06-28 11:04:38: DEBUG:
ecdc77c4 6cfe9e41 b2739943 076ac617
2011-06-28 11:04:38: DEBUG: encryption(aes)
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: DEBUG: final encryption key computed:
2011-06-28 11:04:38: DEBUG:
ecdc77c4 6cfe9e41 b2739943 076ac617
2011-06-28 11:04:38: DEBUG: hash(md5)
2011-06-28 11:04:38: DEBUG: encryption(aes)
2011-06-28 11:04:38: DEBUG: IV computed:
2011-06-28 11:04:38: DEBUG:
a3ee97a9 884653c9 72cd77c6 75cdcf81
2011-06-28 11:04:38: DEBUG: ===
2011-06-28 11:04:38: DEBUG: 76 bytes message received from x.x.x.200[500] to x.x.x.15[500]
2011-06-28 11:04:38: DEBUG:
a8629059 64cca031 cf694b85 6ad13bd9 05100201 00000000 0000004c 96efcc6c
6199bc6d 9ecd7172 637a9477 f2eefff1 d5b29d2c c2262973 d6dba364 ad7263b3
678f581e 592f1b18 0722d898
2011-06-28 11:04:38: DEBUG: begin decryption.
2011-06-28 11:04:38: DEBUG: encryption(aes)
2011-06-28 11:04:38: DEBUG: IV was saved for next processing:
2011-06-28 11:04:38: DEBUG:
ad7263b3 678f581e 592f1b18 0722d898
2011-06-28 11:04:38: DEBUG: encryption(aes)
2011-06-28 11:04:38: DEBUG: with key:
2011-06-28 11:04:38: DEBUG:
ecdc77c4 6cfe9e41 b2739943 076ac617
2011-06-28 11:04:38: DEBUG: decrypted payload by IV:
2011-06-28 11:04:38: DEBUG:
a3ee97a9 884653c9 72cd77c6 75cdcf81
2011-06-28 11:04:38: DEBUG: decrypted payload, but not trimed.
2011-06-28 11:04:38: DEBUG:
0800000c 011101f4 c0a814a6 00000014 8d7abf3f 33849c00 9eb424a2 85c257e6
a0e9bc87 e8b1b1b4 abf2e1dc a8f4c70f
2011-06-28 11:04:38: DEBUG: padding len=16
2011-06-28 11:04:38: DEBUG: skip to trim padding.
2011-06-28 11:04:38: DEBUG: decrypted.
2011-06-28 11:04:38: DEBUG:
a8629059 64cca031 cf694b85 6ad13bd9 05100201 00000000 0000004c 0800000c
011101f4 c0a814a6 00000014 8d7abf3f 33849c00 9eb424a2 85c257e6 a0e9bc87
e8b1b1b4 abf2e1dc a8f4c70f
2011-06-28 11:04:38: DEBUG: begin.
2011-06-28 11:04:38: DEBUG: seen nptype=5(id)
2011-06-28 11:04:38: DEBUG: seen nptype=8(hash)
2011-06-28 11:04:38: DEBUG: succeed.
2011-06-28 11:04:38: ERROR: invalid authmethod 64221 why ?
2011-06-28 11:04:43: DEBUG: ===


I haven't found anything related to that issue on the Internet, I don't know what to do...

Here are my racoon.conf :

Gateway :
# Racoon IKE daemon configuration file.
# See 'man racoon.conf' for a description of the format and entries.

path include "/etc/racoon";
#path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";


# option of controlling racoon by racoonctl tool is disabled
listen {
    adminsock disabled;
}


# remote section - anonymous address of roadwarrior client
remote anonymous {
    ## work mode in IKE first phase
    ## aggressive is for testing purpose
    exchange_mode main;

    ## certificate type, certificate + public key and secret key file name
    certificate_type x509 "cert.pem" "privkey.pem";
    # ca_type x509 "cacert.pem";

    ## Identifier sent to the remote host and type to use in phase 1
    ## asn1dn is type ASN.1 distinguished name (to put right after)
    ## If string is omitted, racoon will get the DN from the subject
    ## field in the certificate

    my_identifier asn1dn;
    # peers_identifier asn1dn;
    # verify_identifier off;

    ## claiming the options requested by other peer
    proposal_check claim;

    ## automatic generation of SPs from the initial connection request
    generate_policy on;

    ## tells racoon to remain passive and wait for new connection
    ## to be started from the outside
    passive on;

    ## certificate verification enabled
    verify_cert on;

    ## nat-t set to on
    nat_traversal on;

    ## DPD activation and 20 sec. delay allowed between 2 proof of liveness requests
    dpd_delay 20;

    ## IKE fragmentation enabled
    ike_frag on;

    ## agreement proposal in IKE first phase
    proposal {
        ## cryptography and hash algorithm
        encryption_algorithm aes;
        hash_algorithm md5;

        ## authentication method
        authentication_method hybrid_rsa_server;

        ## Diffie-Hellman exponential group
        dh_group modp1024;
    }
}

# Local network information
# RoadWarrior acceptance among LAN users
mode_cfg {
    # starting address of the IP address pool
    # LAN
    network4 x.x.x.21;

    # maximum number of clients
    pool_size 10;

    # network mask
    netmask4 255.255.255.0;

    # authentication source - user database on the system
    auth_source system;

    # configuration source - from data given in this section
    conf_source local;

    # DNS and WINS servers IP addresses
    dns4 x.x.x.36;
    wins4 x.x.x.36;

    # banner file - welcome message
    banner "/etc/racoon/motd";
}


#############################################################

## SA information for IKE second phase

sainfo anonymous {
    ## Diffie-Hellman exponential group
    pfs_group modp1024;

    ## second phase information lifetime
    lifetime time 1 hour;

    ## cryptography, authentication and compression algorithm
    encryption_algorithm aes;

    authentication_algorithm hmac_md5;

    compression_algorithm deflate;
}




And on the roadwarrior client :

path certificate "/etc/racoon/certs";

listen {
    adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660;
}


#############################################################

## Roadwarrior

## Known address of the VPN gateway

remote x.x.x.15 {

    exchange_mode main;

    ca_type x509 "/etc/racoon/certs/cacert.pem";

    # obeying the options requested by other peer
    proposal_check obey;
    # nat-t set to on
    nat_traversal on;
    # IKE fragmentation enabled
    ike_frag on;
    # accepting information about the network being connected to
    mode_cfg on;
    # certificate verification enabled
    verify_cert on;
    # IKE first phase starting script
    script "/etc/racoon/phase1-up.sh" phase1_up;
    # IKE first phase ending script
    script "/etc/racoon/phase1-down.sh" phase1_down;

    peers_identifier asn1dn;
    # verify_identifier off;


    proposal {
        ## cryptography and hash algorithm
        encryption_algorithm aes;
        hash_algorithm md5;

        authentication_method hybrid_rsa_client;

        ## Diffie-Hellman exponential group
        dh_group modp1024;
    }
}

sainfo anonymous {
    ## Diffie-Hellman exponential group
    pfs_group modp1024;

    ## second phase information lifetime
    lifetime time 1 hour;

    ## cryptography, authentication and compression algorithm
    encryption_algorithm aes;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
}

Any help would be greatly appreciated.
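
Added example (not part of the original post and not racoon's own code): a Python decoder for the SA payload body dumped in the gateway log above ("total SA len=52"). It shows that the 64221 in the "invalid authmethod" error is the same value, 0xfadd, that the offer carries as its Authentication Method attribute and that the log prints as "Hybrid RSA server". The names parse_attrs, parse_sa_body and log_offer are made up for this example.

```python
import struct

# SA payload body copied from the gateway log above ("total SA len=52").
SA_HEX = ("00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c7080 "
          "80010007 800e0080 8003fadd 80020001 80040002")
# IKEv1 phase 1 attribute classes (RFC 2409, Appendix A).
ATTR = {1: "Encryption Algorithm", 2: "Hash Algorithm", 3: "Authentication Method",
        4: "Group Description", 11: "Life Type", 12: "Life Duration", 14: "Key Length"}

def parse_attrs(data: bytes) -> dict:
    """Decode ISAKMP data attributes: AF bit set = 2-byte value, clear = TLV."""
    attrs, i = {}, 0
    while i + 4 <= len(data):
        head, val = struct.unpack_from("!HH", data, i)
        if head & 0x8000:                      # short form: value is inline
            value, i = val, i + 4
        else:                                  # long form: val is the length
            if i + 4 + val > len(data):
                raise ValueError("truncated attribute")
            value, i = int.from_bytes(data[i + 4:i + 4 + val], "big"), i + 4 + val
        attrs[ATTR.get(head & 0x7FFF, f"type {head & 0x7FFF}")] = value
    return attrs

def parse_sa_body(body: bytes) -> list:
    """Return one dict per transform offered in an SA payload body."""
    doi, _situation = struct.unpack_from("!II", body, 0)
    if doi != 1:
        raise ValueError("not the IPsec DOI")
    out, off = [], 8
    while off + 8 <= len(body):
        nxt, _, plen, pnum, _proto, spi_len, ntrns = struct.unpack_from("!BBHBBBB", body, off)
        if plen < 8 or off + plen > len(body):
            raise ValueError("bad proposal length")
        t_off = off + 8 + spi_len
        for _ in range(ntrns):
            _, _, tlen, tnum, _tid, _ = struct.unpack_from("!BBHBBH", body, t_off)
            if tlen < 8 or t_off + tlen > off + plen:
                raise ValueError("bad transform length")
            out.append({"proposal": pnum, "transform": tnum,
                        "attrs": parse_attrs(body[t_off + 8:t_off + tlen])})
            t_off += tlen
        off += plen
        if nxt == 0:                           # no further proposal follows
            break
    return out

def log_offer() -> list:
    """Decode the offer embedded above from the log excerpt."""
    return parse_sa_body(bytes.fromhex(SA_HEX))
```

Calling log_offer() returns a single transform whose decoded attributes line up one for one with the "type=..., lorv=..." lines racoon prints for the same offer.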

popi 06-28-2011 11:05 AM

My bad
 
Seems like you HAVE to run in aggressive mode if you are in roadwarrior mode or using NAT. I found this on Symantec:

Main Mode
Main Mode uses a 6-message exchange between the initiator and responder during a dynamic tunnel negotiation. Main Mode is more secure since it provides Denial of Service protection and more flexibility in the key negotiation. But because it uses the IP address as part of the exchange for identification it cannot be used in configuration where the IP address of a VPN endpoint may change (NAT) or when the IP address of a VPN endpoint is not known ahead of time (telecommuters).

Aggressive Mode
Aggressive Mode uses a 3-message exchange that eliminates the dependency on the IP address for identification. However, it does not afford the same level of Denial-of-Service protection provided by Main Mode. Aggressive Mode is useful for client-to-gateway tunnels where the IP address of the remote user is not known ahead of time, or for configurations where the IP address of the initiator/responder is changed by a NATting device along the way.

I'll mark the thread as solved.

